How Do I Set Up A Pentesting Lab W/ Win?

[555]

How do I set up a pentesting lab with windows as my main OS and only using one pc? I am pretty sure I will need VMware of some type, how would the IP's work? Could I be in VM#1 - BT4, and then attack VM#2 - win xp? but still have my main os as win 7? thanks

[BlueWyvern]

Use VMWare Player and select NAT as the network type, each virtual machine will act as a physical machine to your router.

Also each VM will run in it's own window so you will still have your windows 7 or w/e your main os is to work in.

[digip]

VMware workstation would be a better option, but its not free like their VMware Player. I'm not sure if VMware Player can run multiple instances at the same time. Either way, through VMware or whatever you choose to use (Virtual Box, Virtual PC, Vmware, etc) you can network them all together to a separate subnet than your main host system and run them all at the same time. You just need a machine with enough RAM and CPU power to have them all up concurrently.

At a minimum a DUAL core machine with at least 4GiB of ram, but for best results, a 64-bit OS with 6GiB (or greater) of RAM and a quad core CPU (or greater) would be better in the case of running multiple machines at the same time. The real bottleneck however will most likely be your HDD(s). Having multiple HDD's to put them on instead of the same one your Host OS runs on or even a raid setup will help tremendously but not a requirement.

[Mr-Protocol]

Virtual Box + correct networking mode.

http://www.virtualbox.org/manual/ch06.html

To keep it on a dedicated pen-test network, use the "internal network" setting.

Internal networking

This can be used to create a different kind of software-based network which is visible to selected virtual machines, but not to applications running on the host or to the outside world.

[555]

Allright..

So I need to set up VMware workstation, use an internal networking method w/ NAT & Bridging(?) for the 2 VM ware OS and I should use different HD, or a different partition on the drive for the VM's? (But can still use it on one drive)

What would the network ip's look like for a VM? 192.x.x.x? then set that as the internal network for my pentesting? (or can you create your own internal IP's for pen testing use that excludes outside networks) Thanks for all of your response, it is very helpful..

After that is working, then just boot both VM's at once and have fun hacking??

[Infiltrator]

1) My network VM adapters are all set to bridged mode, reason being so they can get an IP address directly from my DHCP server.

2) Each VM should have its own virtual drive, so create your first VM install whatever OS you want and then move onto the next one.

3) Or you can copy your first VM virtual drive, rename it and use it for the second VM, so it saves you time

4) And last, correct just boot them off and have fun.

Hope this helps.

[Mr-Protocol]

1) My network VM adapters are all set to bridged mode, reason being so they can get an IP address directly from my DHCP server.

2) Each VM should have its own virtual drive, so create your first VM install whatever OS you want and then move onto the next one.

3) Or you can copy your first VM virtual drive, rename it and use it for the second VM, so it saves you time

4) And last, correct just boot them off and have fun.

Hope this helps.

for a pen test network you want to segment the VMs from your actual network so you don't exploit your own machines. Hense test network. Internal Network option (VirtualBox)

[Infiltrator]

for a pen test network you want to segment the VMs from your actual network so you don't exploit your own machines. Hense test network. Internal Network option (VirtualBox)

Yes I am aware of that part and I never really exploited my own machines accidentally.

I am very cautions when I am performing pen testing on my network.

I make a list of the machines I want to exploit.

[digip]

I use NAT setting son my VMS VMware has its own DHCP service and this way, I can make them on a different subnet than my normal lan. My host OS is on a non-standard a class subnet while my VMs are all C class subnets. The VMs see each other, but don't see the host OS unless I enable the VM adapter for NAT which lets them ping my router and other machines on my normal lan.

[BattZ]

There are several ways you can set it up. I have 2 NIC's in my main machine and will run BT4 and some type of windows on it, connect it to a old Linksys router I have, and connect a laptop with a faulty video card to it, running 1 or 2 VMs. But if your only using 1 computer, Mr-Protocol's internal network would work, or you could setup your DHCP server to give your VMs a different network to play in. Though there is no reason to bring your router into it if you just want to hack your windows VM from your BT VM, so it all depends on what you want to do and feel comfortable with.